This commit is contained in:
Lars Hoogestraat 2018-11-25 00:56:34 +01:00
parent f8f9ab0aa4
commit c630410f5d
3 changed files with 72 additions and 38 deletions

View File

@ -1,60 +1,59 @@
package controllers_test
import (
"net/http"
"fmt"
"net/http/httptest"
"net/url"
"testing"
"git.hoogi.eu/go-blog/components/httperror"
"git.hoogi.eu/go-blog/controllers"
)
func TestLogin(t *testing.T) {
resp, err := doLoginRequest(rGuest, "alice", "123456789012")
err := login("alice", "123456789012")
if err != nil {
t.Fatal(err)
t.Error(err)
}
}
func TestFailLogin(t *testing.T) {
err := login("alice", "test2")
if err == nil {
t.Error("expected a failed login, but error is nil")
}
}
func login(username, password string) error {
resp, err := doLoginRequest(rGuest, username, password)
if err != nil {
return err
}
if resp.getTemplateError() != nil {
t.Fatalf("an error is returned %v", resp.getTemplateError().Error())
return fmt.Errorf("an error is returned %v", resp.getTemplateError().Error())
}
if !resp.isCodeSuccess() {
t.Fatalf("got an invalid http response code %d", resp.getStatus())
return fmt.Errorf("got an invalid http response code %d", resp.getStatus())
}
c, err := resp.getCookie("test-session")
if err != nil {
t.Fatal(err)
return err
}
if c.HttpOnly == false {
t.Error("cookie with session id is missing http only flag")
return fmt.Errorf("cookie with session id is missing http only flag")
}
if c.Secure == false {
t.Error("cookie with session id is missing secure flag")
}
}
func TestFailLogin(t *testing.T) {
resp, err := doLoginRequest(rGuest, "alice", "test2")
if err == nil {
t.Fatalf("Expected an error when credentials are wrong. But error is nil %v", resp.template)
return fmt.Errorf("cookie with session id is missing secure flag")
}
if resp.getTemplateError().(*httperror.Error).HTTPStatus != http.StatusUnauthorized {
t.Errorf("Got an invalid status code. Should be %d, but was %d", http.StatusUnauthorized, resp.getStatus())
}
_, err = resp.getCookie("test-session")
if err == nil {
t.Fatal("the cookie test-session should not be set but is available")
}
return nil
}
func doLoginRequest(user reqUser, login, password string) (responseWrapper, error) {

View File

@ -17,11 +17,12 @@ import (
func TestUserWorklfow(t *testing.T) {
expectedUser := &models.User{
DisplayName: "Homer Simpson",
Email: "homer@example.com",
Username: "homer",
Password: []byte("123456789012"),
Active: true,
DisplayName: "Homer Simpson",
Email: "homer@example.com",
Username: "homer",
PlainPassword: []byte("123456789012"),
Active: false,
IsAdmin: false,
}
userID, err := doAdminCreateUserRequest(rAdminUser, expectedUser)
@ -29,13 +30,29 @@ func TestUserWorklfow(t *testing.T) {
t.Fatal(err)
}
user, err := doAdminGetUserRequest(rAdminUser, userID)
if err != nil {
t.Fatal(err)
}
err = checkUser(user, expectedUser)
if err != nil {
t.Fatal(err)
}
err = login(expectedUser.Username, string(expectedUser.Password))
if err == nil {
t.Fatal(err)
}
expectedUser = &models.User{
ID: userID,
DisplayName: "Homer12 Simpson",
Email: "homer@example.com",
Username: "homer",
Password: []byte("12345678901234"),
Active: true,
ID: userID,
DisplayName: "Homer12 Simpson",
Email: "homer@example.com",
Username: "homer",
PlainPassword: []byte("12345678901234"),
Active: true,
IsAdmin: true,
}
err = doAdminEditUsersRequest(rAdminUser, expectedUser)
@ -43,7 +60,12 @@ func TestUserWorklfow(t *testing.T) {
t.Fatal(err)
}
user, err := doAdminGetUserRequest(rAdminUser, userID)
err = login(expectedUser.Username, string(expectedUser.Password))
if err == nil {
t.Fatal(err)
}
user, err = doAdminGetUserRequest(rAdminUser, userID)
if err != nil {
t.Fatal(err)
}
@ -67,6 +89,9 @@ func checkUser(user, expectedUser *models.User) error {
if user.Active != expectedUser.Active {
return fmt.Errorf("got an unexpected active. expected: %t, actual: %t", expectedUser.Active, user.Active)
}
if user.IsAdmin != expectedUser.IsAdmin {
return fmt.Errorf("got an unexpected isAdmin. expected: %t, actual: %t", expectedUser.IsAdmin, user.IsAdmin)
}
return nil
}
@ -110,6 +135,12 @@ func doAdminEditUsersRequest(user reqUser, u *models.User) error {
}
addValue(values, "active", s)
s = "on"
if u.IsAdmin == false {
s = "off"
}
addValue(values, "admin", s)
r := request{
url: "/admin/user/edit" + strconv.Itoa(u.ID),
method: "POST",

View File

@ -189,6 +189,7 @@ func post(path string, values url.Values) (*http.Request, error) {
b.WriteString(values.Encode())
req, err := http.NewRequest("POST", path, &b)
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
return req, err
}
@ -210,6 +211,9 @@ const (
rInactiveUser
)
//request used to build an http.Request with specified values
//url will not really considered as the requests are not send, the *http.Request is just passed directly to the controllers
//pathvar is an array of key/value pairs used as dynamic query parameters such as /article/{id}
type request struct {
url string
user reqUser